[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fTk0Eg3CJWJnF7rviW0eQRq_ChLUsoo4Yv7C00kruMbU":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":25,"download_link":26,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30,"vulnerabilities":31,"developer":32,"crawl_stats":29,"alternatives":40,"analysis":127,"fingerprints":408},"peters-post-notes","Peter’s Post Notes","1.6.5","Peter","https:\u002F\u002Fprofiles.wordpress.org\u002Fpkthree\u002F","\u003Cp>Add notes on the “edit post” and “edit page” screens’ sidebars in WordPress 2.8 and up. When used with \u003Ca href=\"http:\u002F\u002Fwww.theblog.ca\u002Fwordpress-collaboration-emails\" title=\"From Peter's Useful Crap\" rel=\"nofollow ugc\">Peter’s Collaboration E-mails\u003C\u002Fa> 1.2 and up, the notes are sent along with the e-mails in the collaboration workflow.  There is also a general and private notes system on the dashboard.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cp>On its own, this plugin adds a panel to the sidebar of the add and edit post \u002F page screens so that users can add notes for themselves or others and keep track of these notes. Whenever you save a post, you can type a note to be displayed along with the post in the edit view.\u003C\u002Fp>\n\u003Cp>On the dashboard, there’s also a summary of the most recent notes. By default this shows notes by all people on relevant posts \u002F pages. There is also a general and private notes system.\u003C\u002Fp>\n\u003Cp>For an illustrated explanation on how the plugin works with \u003Ca href=\"http:\u002F\u002Fwww.theblog.ca\u002Fwordpress-collaboration-emails\" title=\"From Peter's Useful Crap\" rel=\"nofollow ugc\">Peter’s Collaboration E-mails\u003C\u002Fa> to send e-mails with the notes, see \u003Ca href=\"http:\u002F\u002Fwww.theblog.ca\u002Fwordpress-post-notes\" title=\"From Peter's Useful Crap\" rel=\"nofollow ugc\">this page\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Translations\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>fr_FR translation by Denis Rebaud\u003C\u002Fli>\n\u003Cli>pt_BR translation by Murillo Ferrari\u003C\u002Fli>\n\u003Cli>es_ES translation by Karin Sequen\u003C\u002Fli>\n\u003Cli>ja translation by Kazuhiro Terada\u003C\u002Fli>\n\u003Cli>pl_PL translation by Michal Rozmiarek\u003C\u002Fli>\n\u003Cli>nl_NL translation by Rene of http:\u002F\u002Fwpwebshop.com\u003C\u002Fli>\n\u003Cli>sv_SE translation by Karin Lindholm\u003C\u002Fli>\n\u003Cli>ru_RU translation by Alexander Maltsev\u003C\u002Fli>\n\u003Cli>tr_TR translation by Berkay Unal of http:\u002F\u002Fwww.berkayunal.com\u003C\u002Fli>\n\u003Cli>da_DK translation by Lars Andersen\u003C\u002Fli>\n\u003Cli>de_DE translation by Tobias Karnetzke\u003C\u002Fli>\n\u003Cli>lt_LT translation by Vincent G of http:\u002F\u002Fwww.host1free.com\u003C\u002Fli>\n\u003Cli>it_IT translation by Ludo\u003C\u002Fli>\n\u003Cli>cs_CZ translation by Michal Kuk\u003C\u002Fli>\n\u003Cli>sk_SK translation by Patrik Žec (PATWIST) of http:\u002F\u002Fpatwist.com\u003C\u002Fli>\n\u003Cli>he_IL translation by Itamar Megged\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Requirements\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>WordPress 3.2 or higher\u003C\u002Fli>\n\u003C\u002Ful>\n","Add notes to the \"edit post\" and \"edit page\" sidebars. Collaborators can also share notes on the WordPress dashboard.",3000,77872,98,26,"2020-08-20T14:49:00.000Z","5.5.18","3.2","",[20,21,22,23,24],"admin","collaboration","notification","post","workflow","http:\u002F\u002Fwww.theblog.ca\u002Fwordpress-post-notes","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpeters-post-notes.zip",85,0,null,"2026-03-15T15:16:48.613Z",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":34,"total_installs":35,"avg_security_score":36,"avg_patch_time_days":37,"trust_score":38,"computed_at":39},"pkthree",5,3810,89,35,80,"2026-04-04T05:52:59.455Z",[41,63,85,101,114],{"slug":42,"name":43,"version":44,"author":45,"author_profile":46,"description":47,"short_description":48,"active_installs":49,"downloaded":50,"rating":51,"num_ratings":52,"last_updated":53,"tested_up_to":54,"requires_at_least":55,"requires_php":18,"tags":56,"homepage":60,"download_link":61,"security_score":62,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"lh-archived-post-status","LH Archived Post Status","3.11","shawfactor","https:\u002F\u002Fprofiles.wordpress.org\u002Fshawfactor\u002F","\u003Cp>This plugin allows you to archive your WordPress content similar to the way you archive your e-mail. Unlike other archiving solutions though this actually does it all and does it properly\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Makes a new post status available in the drop down called Archived\u003C\u002Fli>\n\u003Cli>Hides or removes your content without having to trash the content\u003C\u002Fli>\n\u003Cli>Content can either be hidden entirely from public view  or simply from the main loop and feed and pages, with other solutions you can only hide it from public view.\u003C\u002Fli>\n\u003Cli>Allows you to add a label to the title of those posts\u002Fpages etc that are archived\u003C\u002Fli>\n\u003Cli>Allows you to add a message to the top of the post\u002Fpage etc that the content is no longer up too date\u003C\u002Fli>\n\u003Cli>Allows you to set an archiving date after which content is automatically changed to having an archived status\u003C\u002Fli>\n\u003Cli>Compatible with posts, pages and custom post types\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This plugin is ideal for sites where certain kinds of content is not meant to be evergreen\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Like this plugin? Please consider \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fview\u002Fplugin-reviews\u002Flh-archived-post-status\u002F\" rel=\"ugc\">leaving a 5-star review\u003C\u002Fa>.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Love this plugin or want to help the LocalHero Project? Please consider \u003Ca href=\"https:\u002F\u002Flhero.org\u002Fportfolio\u002Flh-archived-post-status\u002F\" rel=\"nofollow ugc\">making a donation\u003C\u002Fa>.\u003C\u002Fstrong>\u003C\u002Fp>\n","Allows posts and pages to be archived so you can remove content from the main loop and feed without having to trash it.",4000,50462,82,18,"2024-10-16T05:00:00.000Z","6.6.5","5.0",[20,57,58,59,24],"pages","posts","status","https:\u002F\u002Flhero.org\u002Fportfolio\u002Flh-archived-post-status\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flh-archived-post-status.zip",92,{"slug":64,"name":65,"version":66,"author":67,"author_profile":68,"description":69,"short_description":70,"active_installs":71,"downloaded":72,"rating":71,"num_ratings":73,"last_updated":74,"tested_up_to":75,"requires_at_least":76,"requires_php":77,"tags":78,"homepage":83,"download_link":84,"security_score":71,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"pending-status","Pending Status","1.0.4","Room 34 Creative Services, LLC","https:\u002F\u002Fprofiles.wordpress.org\u002Froom34\u002F","\u003Cp>\u003Cstrong>Pending Status\u003C\u002Fstrong> is a super-simple solution for WordPress sites that need very basic workflow functionality. It’s easy to set up and doesn’t overload your site with unnecessary features.\u003C\u002Fp>\n\u003Cp>If you have Contributors who can create, but not publish, their own content on your site, Pending Status notifies you of any pending posts that are ready to review. By default, all users with the Administrator or Editor role will see a \u003Cstrong>Pending Status\u003C\u002Fstrong> box on the Dashboard, showing the counts of pending posts, with a convenient link to the list of pending posts for that post type.\u003C\u002Fp>\n\u003Cp>Optionally, you can also identify one or more Administrators\u002FEditors to receive email notifications whenever a post is saved with “pending” status. The subject and message of the email are fully editable, and a direct edit link for the post is included in the body of the email.\u003C\u002Fp>\n\u003Cp>Pending Status works with \u003Cem>all\u003C\u002Fem> publicly queryable post types: Posts, Pages, and even Custom Post Types created by third party plugins (e.g. WooCommerce, The Events Calendar, etc.), or your own custom code.\u003C\u002Fp>\n","Get notified when your site has posts pending review.",100,3677,2,"2025-04-24T17:36:00.000Z","6.8.5","4.9","7.0.0",[79,80,81,82,24],"notifications","pending","pending-review","post-status","https:\u002F\u002Froom34.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpending-status.1.0.4.zip",{"slug":86,"name":87,"version":88,"author":89,"author_profile":90,"description":91,"short_description":92,"active_installs":28,"downloaded":93,"rating":28,"num_ratings":28,"last_updated":94,"tested_up_to":95,"requires_at_least":76,"requires_php":96,"tags":97,"homepage":18,"download_link":100,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"admin-post-notifier","Admin Post Notifier","1.0.0","xwebyna","https:\u002F\u002Fprofiles.wordpress.org\u002Fxwebyna\u002F","\u003Ch3>Admin Post Notifier\u003C\u002Fh3>\n\u003Cp>Always want to be notified when any of your blog contributors submit a new post? If yes, the gaol of Admin Post Notifier is to deliver emails to the site admin when there is a new (or updated) pending post for review.\u003C\u002Fp>\n\u003Cp>No additional setting is required of you. The plugin utilizes the WordPress core email functionality to send email notifications when activated.\u003C\u002Fp>\n","This is a simple plugin that sends email notification for every new post submitted for review.",1003,"2021-01-07T23:12:00.000Z","5.6.17","7.4.13",[20,98,79,23,99],"email","review","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fadmin-post-notifier.zip",{"slug":102,"name":103,"version":104,"author":45,"author_profile":46,"description":105,"short_description":106,"active_installs":28,"downloaded":107,"rating":28,"num_ratings":28,"last_updated":108,"tested_up_to":109,"requires_at_least":110,"requires_php":18,"tags":111,"homepage":112,"download_link":113,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"lh-inclusive-private-pages","LH Inclusive Private Pages","1.00","\u003Cp>Allow draft, private (and other post types by filter) pages to be selected as parents in page dropdowns. Private posts, pages, and CPTs may also be added to menus.\u003C\u002Fp>\n\u003Cp>In addition if a user cannot access the post, page, or CPT (due to its post status) it will not appera to that user in the menu.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Like this plugin? Please consider \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fview\u002Fplugin-reviews\u002Flh-inclusive-private-pages\u002F\" rel=\"ugc\">leaving a 5-star review\u003C\u002Fa>.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Love this plugin or want to help the LocalHero Project? Please consider \u003Ca href=\"https:\u002F\u002Flhero.org\u002Fportfolio\u002Flh-inclusive-private-pages\u002F\" rel=\"nofollow ugc\">making a donation\u003C\u002Fa>.\u003C\u002Fstrong>\u003C\u002Fp>\n","Extends the CRM possibilities for wordpress by allowing private posts\u002Fpages, and other CPt´s to be included in menus and also as the parent of other p &hellip;",1005,"2022-08-05T03:27:00.000Z","6.0.11","4.7",[20,57,58,59,24],"https:\u002F\u002Flhero.org\u002Fportfolio\u002Flh-inclusive-private-pages\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flh-inclusive-private-pages.zip",{"slug":115,"name":116,"version":117,"author":45,"author_profile":46,"description":118,"short_description":119,"active_installs":28,"downloaded":120,"rating":71,"num_ratings":121,"last_updated":122,"tested_up_to":109,"requires_at_least":123,"requires_php":18,"tags":124,"homepage":125,"download_link":126,"security_score":27,"vuln_count":28,"unpatched_count":28,"last_vuln_date":29,"fetched_at":30},"lh-logged-in-post-status","LH Logged In Post Status","1.09","\u003Cp>Sometimes you need to restrict access to content but give all logged in users access, whilst not allowing regular visitors. This plugin facilitates that\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Like this plugin? Please consider \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fview\u002Fplugin-reviews\u002Flh-logged-in-post-status\u002F\" rel=\"ugc\">leaving a 5-star review\u003C\u002Fa>.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Love this plugin or want to help the LocalHero Project? Please consider \u003Ca href=\"https:\u002F\u002Flhero.org\u002Fportfolio\u002Flh-logged-in-post-status\u002F\" rel=\"nofollow ugc\">making a donation\u003C\u002Fa>.\u003C\u002Fstrong>\u003C\u002Fp>\n","Allows you to restrict access to posts, pges etc to logged in users only.",1432,1,"2022-08-03T03:56:00.000Z","4.0",[20,57,58,59,24],"https:\u002F\u002Flhero.org\u002Fportfolio\u002Flh-logged-in-post-status\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flh-logged-in-post-status.zip",{"attackSurface":128,"codeSignals":188,"taintFlows":324,"riskAssessment":394,"analyzedAt":407},{"hooks":129,"ajaxHandlers":172,"restRoutes":184,"shortcodes":185,"cronEvents":186,"entryPointCount":187,"unprotectedCount":73},[130,136,140,143,147,150,155,159,163,168],{"type":131,"name":132,"callback":133,"file":134,"line":135},"action","init","ppn_textdomain","peters_post_notes.php",48,{"type":131,"name":137,"callback":138,"file":134,"line":139},"admin_menu","ppn_adminmenu",1095,{"type":131,"name":137,"callback":141,"file":134,"line":142},"ppn_add_meta_box",1287,{"type":131,"name":144,"callback":145,"file":134,"line":146},"wp_dashboard_setup","ppn_add_dashboard",1288,{"type":131,"name":144,"callback":148,"file":134,"line":149},"ppn_add_dashboard_general",1289,{"type":131,"name":151,"callback":152,"priority":153,"file":134,"line":154},"edit_post","ppn_save_note",10,1290,{"type":131,"name":156,"callback":157,"priority":153,"file":134,"line":158},"delete_post","ppn_delete_notes",1291,{"type":131,"name":160,"callback":161,"file":134,"line":162},"admin_print_scripts","ppn_js_admin_header",1295,{"type":164,"name":165,"callback":166,"file":134,"line":167},"filter","manage_posts_columns","notes_column_header",1298,{"type":131,"name":169,"callback":170,"file":134,"line":171},"manage_posts_custom_column","notes_column_content",1299,[173,177,181],{"action":174,"nopriv":175,"callback":174,"hasNonce":175,"hasCapCheck":175,"file":134,"line":176},"ppn_edit_note",false,1133,{"action":178,"nopriv":175,"callback":178,"hasNonce":179,"hasCapCheck":175,"file":134,"line":180},"ppn_delete_note",true,1217,{"action":182,"nopriv":175,"callback":182,"hasNonce":175,"hasCapCheck":175,"file":134,"line":183},"ppn_load_page",1266,[],[],[],3,{"dangerousFunctions":189,"sqlUsage":190,"outputEscaping":226,"fileOperations":28,"externalRequests":28,"nonceChecks":73,"capabilityChecks":73,"bundledLibraries":323},[],{"prepared":191,"raw":192,"locations":193},7,14,[194,197,200,203,205,208,210,212,214,216,218,220,222,224],{"file":134,"line":195,"context":196},158,"$wpdb->get_row() with variable interpolation",{"file":134,"line":198,"context":199},360,"$wpdb->get_results() with variable interpolation",{"file":134,"line":201,"context":202},484,"$wpdb->query() with variable interpolation",{"file":134,"line":204,"context":199},530,{"file":134,"line":206,"context":207},710,"$wpdb->get_var() with variable interpolation",{"file":134,"line":209,"context":199},728,{"file":134,"line":211,"context":202},795,{"file":134,"line":213,"context":207},813,{"file":134,"line":215,"context":207},831,{"file":134,"line":217,"context":207},1101,{"file":134,"line":219,"context":207},1107,{"file":134,"line":221,"context":207},1160,{"file":134,"line":223,"context":207},1239,{"file":134,"line":225,"context":202},1249,{"escaped":227,"rawEcho":228,"locations":229},12,46,[230,233,235,237,239,241,243,245,247,249,251,253,255,257,259,261,263,265,267,269,271,273,275,277,279,281,283,285,287,289,291,293,295,297,299,301,303,305,307,309,311,313,315,317,319,321],{"file":134,"line":231,"context":232},162,"raw output",{"file":134,"line":234,"context":232},370,{"file":134,"line":236,"context":232},372,{"file":134,"line":238,"context":232},378,{"file":134,"line":240,"context":232},379,{"file":134,"line":242,"context":232},380,{"file":134,"line":244,"context":232},381,{"file":134,"line":246,"context":232},382,{"file":134,"line":248,"context":232},384,{"file":134,"line":250,"context":232},388,{"file":134,"line":252,"context":232},389,{"file":134,"line":254,"context":232},390,{"file":134,"line":256,"context":232},391,{"file":134,"line":258,"context":232},396,{"file":134,"line":260,"context":232},398,{"file":134,"line":262,"context":232},399,{"file":134,"line":264,"context":232},411,{"file":134,"line":266,"context":232},424,{"file":134,"line":268,"context":232},426,{"file":134,"line":270,"context":232},590,{"file":134,"line":272,"context":232},591,{"file":134,"line":274,"context":232},592,{"file":134,"line":276,"context":232},600,{"file":134,"line":278,"context":232},644,{"file":134,"line":280,"context":232},652,{"file":134,"line":282,"context":232},654,{"file":134,"line":284,"context":232},659,{"file":134,"line":286,"context":232},664,{"file":134,"line":288,"context":232},668,{"file":134,"line":290,"context":232},673,{"file":134,"line":292,"context":232},676,{"file":134,"line":294,"context":232},882,{"file":134,"line":296,"context":232},886,{"file":134,"line":298,"context":232},913,{"file":134,"line":300,"context":232},936,{"file":134,"line":302,"context":232},941,{"file":134,"line":304,"context":232},956,{"file":134,"line":306,"context":232},961,{"file":134,"line":308,"context":232},979,{"file":134,"line":310,"context":232},984,{"file":134,"line":312,"context":232},1002,{"file":134,"line":314,"context":232},1007,{"file":134,"line":316,"context":232},1025,{"file":134,"line":318,"context":232},1030,{"file":134,"line":320,"context":232},1071,{"file":134,"line":322,"context":232},1076,[],[325,349,359,374],{"entryPoint":326,"graph":327,"unsanitizedCount":28,"severity":348},"ppn_delete_note (peters_post_notes.php:1219)",{"nodes":328,"edges":345},[329,334,339,341],{"id":330,"type":331,"label":332,"file":134,"line":333},"n0","source","$_POST",1228,{"id":335,"type":336,"label":337,"file":134,"line":223,"wp_function":338},"n1","sink","get_var() [SQLi]","get_var",{"id":340,"type":331,"label":332,"file":134,"line":333},"n2",{"id":342,"type":336,"label":343,"file":134,"line":225,"wp_function":344},"n3","query() [SQLi]","query",[346,347],{"from":330,"to":335,"sanitized":179},{"from":340,"to":342,"sanitized":179},"low",{"entryPoint":350,"graph":351,"unsanitizedCount":121,"severity":358},"ppn_edit_note (peters_post_notes.php:1135)",{"nodes":352,"edges":356},[353,355],{"id":330,"type":331,"label":332,"file":134,"line":354},1145,{"id":335,"type":336,"label":337,"file":134,"line":221,"wp_function":338},[357],{"from":330,"to":335,"sanitized":175},"high",{"entryPoint":360,"graph":361,"unsanitizedCount":121,"severity":358},"ppn_load_page (peters_post_notes.php:1268)",{"nodes":362,"edges":371},[363,365,368],{"id":330,"type":331,"label":332,"file":134,"line":364},1273,{"id":335,"type":366,"label":367,"file":134,"line":364},"transform","→ ppn_dashboard_general_newest()",{"id":340,"type":336,"label":369,"file":134,"line":209,"wp_function":370},"get_results() [SQLi]","get_results",[372,373],{"from":330,"to":335,"sanitized":175},{"from":335,"to":340,"sanitized":175},{"entryPoint":375,"graph":376,"unsanitizedCount":121,"severity":358},"\u003Cpeters_post_notes> (peters_post_notes.php:0)",{"nodes":377,"edges":389},[378,380,381,382,383,385,387],{"id":330,"type":331,"label":379,"file":134,"line":354},"$_POST (x2)",{"id":335,"type":336,"label":337,"file":134,"line":221,"wp_function":338},{"id":340,"type":331,"label":332,"file":134,"line":333},{"id":342,"type":336,"label":343,"file":134,"line":225,"wp_function":344},{"id":384,"type":331,"label":332,"file":134,"line":364},"n4",{"id":386,"type":366,"label":367,"file":134,"line":364},"n5",{"id":388,"type":336,"label":369,"file":134,"line":209,"wp_function":370},"n6",[390,391,392,393],{"from":330,"to":335,"sanitized":179},{"from":340,"to":342,"sanitized":179},{"from":384,"to":386,"sanitized":175},{"from":386,"to":388,"sanitized":175},{"summary":395,"deductions":396},"The \"peters-post-notes\" plugin v1.6.5 exhibits a mixed security posture. While it demonstrates good practices in avoiding dangerous functions, file operations, and external HTTP requests, and has a clean vulnerability history, significant concerns arise from its attack surface and code analysis. Two of its three AJAX handlers lack authentication checks, presenting a direct entry point for unauthorized actions. The taint analysis reveals three high-severity flows with unsanitized paths, indicating potential for injection vulnerabilities if these paths are reachable through the unprotected AJAX handlers. Furthermore, only 21% of output is properly escaped, increasing the risk of Cross-Site Scripting (XSS) vulnerabilities, especially when combined with unsanitized input from the unprotected AJAX endpoints. The limited use of prepared statements for SQL queries (33%) also poses a risk of SQL injection, particularly if sensitive data is handled without proper sanitization.\n\nWhile the plugin has no known CVEs, this is not a guarantee of current security. The presence of critical taint flows and unprotected entry points suggests potential vulnerabilities that may not have been discovered or publicly disclosed. The lack of robust authentication on AJAX handlers is a critical oversight. The plugin's strengths lie in its absence of known vulnerabilities and its avoidance of certain high-risk practices. However, the identified weaknesses, particularly the unprotected AJAX endpoints and unsanitized data flows, create a significant risk profile that requires immediate attention to prevent exploitation.",[397,399,402,405],{"reason":398,"points":153},"Unprotected AJAX handlers",{"reason":400,"points":401},"High severity taint flows with unsanitized paths",15,{"reason":403,"points":404},"Low percentage of properly escaped output",8,{"reason":406,"points":153},"Low percentage of SQL queries using prepared statements","2026-03-16T18:24:29.909Z",{"wat":409,"direct":418},{"assetPaths":410,"generatorPatterns":413,"scriptPaths":414,"versionParams":415},[411,412],"\u002Fwp-content\u002Fplugins\u002Fpeters-post-notes\u002Fcss\u002Fppn-style.css","\u002Fwp-content\u002Fplugins\u002Fpeters-post-notes\u002Fjs\u002Fppn-scripts.js",[],[412],[416,417],"peters-post-notes\u002Fcss\u002Fppn-style.css?ver=","peters-post-notes\u002Fjs\u002Fppn-scripts.js?ver=",{"cssClasses":419,"htmlComments":434,"htmlAttributes":446,"restEndpoints":449,"jsGlobals":450,"shortcodeOutput":459},[420,421,422,423,424,425,426,427,428,429,430,431,432,433],"ppn_add_note","ppn_add_general_note","ppn_notes_list","ppn_note_delete_button","ppn_note_edit_button","ppn_note_reply_button","ppn_note_general_list","ppn_note_general_delete_button","ppn_note_general_edit_button","ppn_note_general_reply_button","ppn_current_user_notes","ppn_all_notes_by_all_users","ppn_all_notes_by_users_on_relevant_posts","ppn_other_users_notes_on_relevant_posts",[435,436,437,438,439,440,441,442,443,444,445],"\u003C!-- As of version 1.5.0 of this plugin and higher, all settings are configured in \"Settings\" > \"Peter's Post Notes\" in the WordPress admin panel -->","\u003C!-- If the user does not exist (if they've been removed, for example, show a default name) -->","\u003C!-- This function is a copy of wp_kses_data that was introduced in WordPress 2.9 -->","\u003C!-- It's copied in this plugin to retain compatibility with WordPress 2.8 -->","\u003C!-- NOTE: This is a check for security purposes. If the nonce is invalid, display an error message and stop processing. -->","\u003C!-- CSRF protection -->","\u003C!-- Add notes on the \"edit post\" and \"edit page\" screens' sidebars, as well as general notes on the dashboard, in WordPress 2.8 and up. When used with Peter's Collaboration E-mails 1.2 and up, the notes are sent along with the e-mails in the collaboration workflow. -->","\u003C!-- Current user notes -->","\u003C!-- All notes by all users -->","\u003C!-- All notes by users on relevant posts -->","\u003C!-- Other users' notes on relevant posts -->",[447,448],"data-ppn-note-id","data-ppn-general-note-id",[],[451,452,453,454,455,456,457,458],"ppn_ajax_url","ppn_nonce_delete_note","ppn_nonce_edit_note","ppn_nonce_add_note","ppn_nonce_update_settings","ppn_nonce_delete_general_note","ppn_nonce_edit_general_note","ppn_nonce_add_general_note",[]]